The information here is given in compliance with article 13 of Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation or G.D.P.R.):

The website at www.pelc.gr (the “Site”) and its services are operated by Power Electronics Control Ltd. (“PELC” or “we” or “us”) which is a private limited company having its registered seat in European Union (Capital Trade Center – 22, Laertou str. Pilea, 55535, Thessaloniki Greece – Greek Tax Identification Number: EL095389451, Ζ’ Thessaloniki Tax Bureau – Greek General Commercial Registry Number: 38357705000). This Privacy Notice sets out how we collect, use, retain and disclose personal data that we hold about you and gives information on how to exercise your legal rights. We are taking all necessary measures to provide you (the “User” or the “Data Subject”) the information referred to Articles 13 and 14 GDPR in a concise, transparent, intelligible, and easily accessible form. This privacy notice is only applicable to the Site.

Processing Manager

Power Electronics Control Ltd. as a data controller determines the purposes and means of the processing of your personal data. PELC is a private limited company having its registered seat in European Union (Capital Trade Center – 22, Laertou str. Pilea Thessaloniki Greece – Greek Tax Identification Number: EL095389451. Ζ’ Thessaloniki Tax Bureau – Greek General Commercial Registry Number: 38357705000). Mrs. Asimina Thanou has been appointed by the company to be in charge to address any questions, comments or concerns about our Data Protection Policy. Please contact us by email at pelc@pelc.gr or call +30 2310414925 during regular work hours.

What personal data we process, for what purpose, the legal basis and the period of retention

The User can access the Site and browse without disclosing any personal data except of information collected automatically for IT security and system diagnostic purposes, i.e. the User’s IP address and strictly necessary cookies. The legality of the data processing is governed by Article 6 (1) (a) G.D.P.R. Therefore, consent is not requested and the legal basis is a legitimate interest (i.e. interest in the operation of the Site and its services) within the meaning of Article 6 (1) (a) G.D.P.R. The use of strictly necessary cookies falls within the exemption of Article 4 (5) (c) of Greek Law 3471/2006, as replaced by Article 170 of Greek Law 4072/2012. Greek Law 3471/2006 incorporates Directive 2002/58/EC of the European Parliament and of the Council of 12^th July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (e Privacy Directive). In every other aspect, consent is requested. The User has to actively opt in and consent to our use of functionality cookies, performance cookies, targeting/advertising cookies, Google Analytics cookies and web beacons. The User consent allows the Site to remember choices he/she makes and provide enhanced, more personal features, to deliver adverts more relevant to the User. By processing the User’s data we can generate user statistics reports to determine how the Users make use of the Site and to optimize the Site’s content and its services. Pursuant to the minimization principle we identify the minimum amount of personal data we need to fulfill our purposes. We retain personal data for 50 months.

Security and Integrity of Proccessing

We implement appropriate technical and organizational measures to ensure and to be able to demonstrate that processing performed is in accordance with GDPR. Only personal data which are necessary for each specific purpose of the processing are processed. Taking into account the state of the art, the nature, scope, context and purposes of processing, we implement the measures that Article 32 G.D.P.R provides for.

Confidentiality / processors / transfers outside EU & EEA

Access is denied at all times to unauthorized and external persons. Access can only be granted after explicit approval by an employee along with providing the reason for such access. Where processing is to be carried out on behalf of our company, we use only processors providing sufficient guarantees to implement appropriate technical and organizational measures in such a manner that processing will meet the G.D.P.R. requirements and ensure the protection of the rights of the data subject. As an example, we may use processors for advertising purposes or for receiving IT services. Pursuant to Article 45 (3) G.D.P.R a transfer of personal data to a third country outside the European Union and the European Economic Area (EEA) takes place only after the European Commission assesses the adequacy of the level of protection.

Your Data Protection Rights

We would like to make sure you are fully aware of all your data protection rights. Every User is entitled to the following:

• The Right to Access: Pursuant to Article 15 G.D.P.R the User has the right to be aware of, and verify, the lawfulness of the processing. Therefore, the User has the right to access the personal data which have been collected and get additional information about their processing.
• The Right to Rectification: Pursuant to Article 16 G.D.P.R the User has the rights to revise, correct, update or modify his/her personal data. The User also has the right to be informed on the recipients of the data, should he/she wishes to.
• The Right to Restrict Processing: Pursuant to Article 18 G.D.P.R the User is entitled to request the limitation of his/her personal data processing in the following cases: (a) when the accuracy of the personal data cannot be established and until the data is verified, (b) when he/she objects to the personal data deletion and requests the limitation of their use rather than deletion, (c) when specific personal data are not required for processing purposes, they are, however, indispensable for the foundation, exercise, support of legal claims, and (d) when he/she opposes to the processing and until it is verified that there are legitimate grounds that concern us and supersede the reasons for which the User is opposed to the processing. The User also has the right to be informed on the recipients of the data, should he/she wishes to.
• The Right to Object to Processing: The User is entitled to oppose to his/her personal data processing, at all times, in case where, as described above, this is necessary on the legitimate interests grounds as pursued by us, as controllers, as well as in the data processing for direct marketing purposes and consumer profile creation. The User also has the right to be informed on the recipients of the data, should he/she wishes to.
• The Right to Erasure: Pursuant to Article 17 the User has the right to request the deletion of his/her personal data in the course of processing under his/her consent or on the basis of our legitimate interests. In any other case, indicatively in the existence of a contract, a lawful obligation to personal data processing, or a public interest, the right shall be subject to restrictions or shall be withdrawn, as the case may be.
• The Right to Data Portability: Pursuant to Article 20 G.D.P.R the User is entitled to receive his/her personal data free of charge in a format that allows his/her to access, use, and edit them with commonly used editing methods. Moreover, the User has the right to request, if technically feasible, to pass the data directly to another controller. Such rights is granted for the data the User has provided to us and are subject to processing by automated means based on his/her consent or execution of a relevant contract.
• The Right to Revoke Consent

Where processing is based on the User’s consent, the User has the right to revoke it without affecting the legality of consent-based processing in the period prior to said revocation. To revoke your consent please contact us by email at pelc@pelc.gr

To exercise any of the above rights you can contact us by email at pelc@pelc.gr or call at +30 2310 414 925 In the above cases we will make every effort to respond to your request within thirty (30) days upon submission. Such deadline may be extended for an additional sixty (60) days, if deemed necessary, taking into account the complexity of the request and the number of requests, and in such case we will inform you within the aforementioned deadline of thirty (30) days.

• The Right to Lodge a Complaint: The User may lodge a complaint with the Greek Supervisory Authority (Hellenic Data Protection Authority, 1-3, Kifissia’s Avenue, Athens, GR11523, Greece – land line: +302106475600 – email address: contact@dpa.gr)